package com.lvcoding.cloud.common.security.auth;

import cn.hutool.core.util.ObjectUtil;
import com.lvcoding.cloud.api.entity.SysUser;
import com.lvcoding.cloud.common.core.constant.CommonConstant;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
import org.springframework.util.StringUtils;

import java.util.Collection;
import java.util.HashMap;
import java.util.Map;

/**
 * 将check_token信息转化到
 */
public class CommonUserConverter implements UserAuthenticationConverter {

    /**
     * 将认证信息返回给资源服务器
     * @param authentication
     * @return
     */
    @Override
    public Map<String, ?> convertUserAuthentication(Authentication authentication) {

        Map<String, Object> map = new HashMap<>();
        map.put(USERNAME, authentication.getName());
        if (ObjectUtil.isNotEmpty(authentication.getAuthorities())) {
            map.put(AUTHORITIES, authentication.getAuthorities());
        }
        return map;
    }

    /**
     * 将用户返回给资源服务器
     * @param map
     * @return
     */
    @Override
    public Authentication extractAuthentication(Map<String, ?> map) {

        CommonUser commonUser = createCommonUser(map);

        Collection<? extends GrantedAuthority> authorities = getAuthorities(map);

        return new UsernamePasswordAuthenticationToken(commonUser, CommonConstant.N_A, authorities);
    }

    /**
     * 组装CommonUser
     * @param map
     * @return
     */
    private CommonUser createCommonUser(Map<String,?> map) {
        String username = (String) map.get(CommonConstant.USER_NAME);
        Integer user_id = (Integer) map.get(CommonConstant.USER_ID);
        Collection<? extends GrantedAuthority> authorities = (Collection<? extends GrantedAuthority>) map.get(AUTHORITIES);
        CommonUser commonUser = new CommonUser();
        SysUser sysUser = new SysUser();
        sysUser.setUsername(username);
        sysUser.setPassword("N/A");
        sysUser.setId(user_id);
        commonUser.setSysUser(sysUser);
        commonUser.setAuthorities(authorities);
        return commonUser;
    }


    /**
     * 组装权限信息
     * @param map
     * @return
     */
    private Collection<? extends GrantedAuthority> getAuthorities(Map<String,?> map) {
        Collection<? extends GrantedAuthority> authorities = null;
        Object obj = map.get(AUTHORITIES);
        if (obj instanceof String){
            authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(obj.toString());
            return authorities;
        }else if (obj instanceof Collection){
            authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(StringUtils.collectionToCommaDelimitedString((Collection<?>) obj));
            return authorities;
        }

        //抛出不合法的参数异常
        throw new IllegalArgumentException("权限信息必须是字符串或者集合");
    }
}
